FortiPrivateCloud v2.1 Release Notes

FortiPrivateCloud Release Notes
VERSION 2.1
FORTINET DOCUMENT LIBRARY
http://docs.fortinet.com
FORTINET VIDEO GUIDE
http://video.fortinet.com
FORTINET BLOG
https://blog.fortinet.com
CUSTOMER SERVICE & SUPPORT
https://support.fortinet.com FORTIGATE COOKBOOK
http://cookbook.fortinet.com
FORTINET TRAINING SERVICES
http://www.fortinet.com/training
FORTIGUARD CENTER
http://www.fortiguard.com
END USER LICENSE AGREEMENT
http://www.fortinet.com/doc/legal/EULA.pdf
FEEDBACK
Email: [email protected]
Thursday, April 02, 2015
FortiPrivateCloud version 2.1 Release Notes
Change Log
Change Log
Date
Change Description
2015-04-02
FPC 2.1.0 release.
3
FPC Release Notes Version 2.1
Introduction
Introduction
This document provides information about the FortiPrivateCloud v2.1 release, and includes the following
sections:
"Introduction" on page 4
"Upgrade Information" on page 7
"Special Notices" on page 6
"Product Integration and Support" on page 8
"Known Issues" on page 9
Product Overview
FortiPrivateCloud (FPC) enables a Managed Security Service Provider (MSSP) to operate a cloud-based hosted
security management and log retention service. The service provides the MSSP end-customers with centralized
reporting, traffic analysis, configuration management, and log retention without the need for the end customer to
invest in additional hardware and software.
Supported models
The FortiPrivateCloud product is delivered as virtual machine OVF files for the VMware hypervisor.
You can download the OVF files from the Fortinet customer service page (one portal file, one collector file):
l
FPC_VM64-v2-build00XX-release.out.ovf.zip
l
FPC_VM64-v2-build00XX-release-Collector.out.ovf.zip
Key Features
FPC Release 2.1 provides the following features:
l
dashboard widgets for system and log status
l
log viewer with filters
l
drill-down analysis of user and network activity
l
report generator (with customization options)
l
wireless network status, device management
l
policy management
l
(optional) Single Sign-On (SSO) using FortiAuthenticator
4
FPC Release Notes Version 2.1
Introduction
The Fortinet document library at http://docs.fortinet.com/fpc provides additional information about the
FortiPrivateCloud product.
Summary of enhancements
FPC 2.1 is the first formal release of FortiPrivateCloud.
The following is a list of enhancements in release 2.1 compared to the demonstration version of the FPC product:
1. A new tab Audit has been added for the service provider.
2. Audit logs will be written for all admin activities in FPC.
3. In addition to allowing the end customers to edit the Policies, the following Firewall objects can be made editable
by the end customer (configurable per-customer):
l
Firewall addressing
l
Spam Filter profile
l
Web filter profile
l
Application Sensor control
4. Per-customer permissions to allow the editing of firewall objects.
5. Installation sub-tab in the Policy and Objects tab for re-installing updated packages to the respective
FortiManager devices.
6. The columns in the Policy tab can be customized using the Column Settings in the Policy tab
7. Auto-registration of devices assigned to customers on the collector.
8. Site filter introduced for both security and wireless widgets in end customer dashboard
9. SSO changes for Service Provider settings page and Add / Edit Customer page.
10. SSO Caching of the user changes for the end customer dash board widgets – where even a remote customer user
can change the layout of the default widgets.
11. Change password has been hidden for all remotely authenticated users.
12. Add/Edit/Delete service provider users is also not available for a remote service provider user.
13. Devices limit and expiration date validation for a given license.
14. Site filter for wireless reports has been added.
15. Wireless Networks tab in the Customer dashboard has FAP view and SSID view.
16. Wireless status has been added to Device Tab in the service provider dashboard where:
l
In FortiManager View, a new column called wireless.
l
In Controller View, a new column called wireless.
17. A total of 7 new widgets have been added: 2 in the service provider dashboard and 5 in the customer dashboard.
5
FPC Release Notes Version 2.1
Special Notices
Special Notices
Firewall Policy Write Access behavior
A Service Provider User will not be able to add/edit/delete policies unless the "Firewall Policy Write Access" is set
to “enable” in the admin settings. It is set at the global level and policy write access is available to all Customers
once it is enabled.
Object Write Access behavior
The service provider can set permissions for objects on a per-customer basis. You can set the permissions for
AntiSpam, Firewall Address, Application Control, and Web Filtering. The Service Provider Users and Customer
Users can only edit the objects that have permissions enabled.
6
FPC Release Notes Version 2.1
Upgrade Information
Upgrade Information
FortiPrivateCloud 2.1 does not support upgrades from any previous software version.
7
FPC Release Notes Version 2.1
Product Integration and Support
Product Integration and Support
FortiManager
In the FPC solution, all FortiGate devices must be managed by FortiManager, version 5.0.8 or 5.2.0
Hypervisor Support
All VM instances run on VMware ESX Server version 5.5 or later.
Web Browser Support
The following browser versions are supported:
l
Microsoft Internet Explorer version 10
l
Mozilla Firefox version 33
l
Google Chrome version 41
Other web browsers may function correctly, but are not supported by FortiPrivateCloud.
8
FPC Release Notes Version 2.1
Known Issues
Known Issues
The FortiPrivateCloud 2.1 release includes the following known issues.
Known issues
Defect ID
Description
0270293
Expand button is shown even if there are no SSIDs associated with the FAP
0272005
ADOM names are not displayed for devices in the Policy tree
0273676
In the customer reports, in certain cases depending upon the amount of data, a few tables can
span across multiple pages if it cannot be fit in one single page.
0273817
On the customer dashboard, when a search has the same date for start and end date, an error
is thrown on the UI.
0273875
The FPC does not send SNMP traps when the hard disk space is low or full.
0274125
When a device (FortiGate or VDOM) that is used as a wireless controller is removed from the
site, wireless data is not completely removed.
Work around: delete the wifi network before removing the wireless controller from the site.
For inquires about a particular issue, please contact Customer Service & Support
9
FPC Release Notes Version 2.1
Copyright© 2015 Fortinet, Inc. All rights reserved. Fortinet®, FortiGate®, FortiCare® and FortiGuard®, and certain other marks are registered trademarks of Fortinet,
Inc., in the U.S. and other jurisdictions, and other Fortinet names herein may also be registered and/or common law trademarks of Fortinet. All other product or company
names may be trademarks of their respective owners. Performance and other metrics contained herein were attained in internal lab tests under ideal conditions, and
actual performance and other results may vary. Network variables, different network environments and other conditions may affect performance results. Nothing herein
represents any binding commitment by Fortinet, and Fortinet disclaims all warranties, whether express or implied, except to the extent Fortinet enters a binding written
contract, signed by Fortinet’s General Counsel, with a purchaser that expressly warrants that the identified product will perform according to certain expressly-identified
performance metrics and, in such event, only the specific performance metrics expressly identified in such binding written contract shall be binding on Fortinet. For
absolute clarity, any such warranty will be limited to performance in the same ideal conditions as in Fortinet’s internal lab tests. In no event does Fortinet make any
commitment related to future deliverables, features, or development, and circumstances may change such that any forward-looking statements herein are not accurate.
Fortinet disclaims in full any covenants, representations,and guarantees pursuant hereto, whether express or implied. Fortinet reserves the right to change, modify,
transfer, or otherwise revise this publication without notice, and the most current version of the publication shall be applicable.